hi!
Thanks for applying the patch!
Please add the test case as well.
Btw, did you check with Stas and David about 5.4? Not sure if it is OK
at this stage, but we may need another RC already anyway (commits done
since last RC).
On Thu, Feb 23, 2012 at 2:26 AM, Scott MacVicar scott...@php.net wrote:
scottmac Thu, 23 Feb 2012 01:26:46 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=323440
Log:
Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).
Bug: https://bugs.php.net/61124 (Assigned) Segmentation fault
Changed paths:
U php/php-src/branches/PHP_5_3/ext/openssl/openssl.c
U php/php-src/branches/PHP_5_4/NEWS
U php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
U php/php-src/trunk/ext/openssl/openssl.c
Modified: php/php-src/branches/PHP_5_3/ext/openssl/openssl.c
===
--- php/php-src/branches/PHP_5_3/ext/openssl/openssl.c 2012-02-22 23:42:18
UTC (rev 323439)
+++ php/php-src/branches/PHP_5_3/ext/openssl/openssl.c 2012-02-23 01:26:46
UTC (rev 323440)
@@ -4776,6 +4776,10 @@
if (!raw_input) {
base64_str = (char*)php_base64_decode((unsigned char*)data,
data_len, base64_str_len);
+ if (!base64_str) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Failed
to base64 decode the input);
+ RETURN_FALSE;
+ }
data_len = base64_str_len;
data = base64_str;
}
Modified: php/php-src/branches/PHP_5_4/NEWS
===
--- php/php-src/branches/PHP_5_4/NEWS 2012-02-22 23:42:18 UTC (rev 323439)
+++ php/php-src/branches/PHP_5_4/NEWS 2012-02-23 01:26:46 UTC (rev 323440)
@@ -1,6 +1,9 @@
PHP
NEWS
|||
?? ??? 2012, PHP 5.4.0 RC 9
+- OpenSSL:
+ . Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).
+ (me at ktamura dot com, Scott)
15 Feb 2012, PHP 5.4.0 RC 8
- Core:
Modified: php/php-src/branches/PHP_5_4/ext/openssl/openssl.c
===
--- php/php-src/branches/PHP_5_4/ext/openssl/openssl.c 2012-02-22 23:42:18
UTC (rev 323439)
+++ php/php-src/branches/PHP_5_4/ext/openssl/openssl.c 2012-02-23 01:26:46
UTC (rev 323440)
@@ -4803,6 +4803,10 @@
if (!(options OPENSSL_RAW_DATA)) {
base64_str = (char*)php_base64_decode((unsigned char*)data,
data_len, base64_str_len);
+ if (!base64_str) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Failed
to base64 decode the input);
+ RETURN_FALSE;
+ }
data_len = base64_str_len;
data = base64_str;
}
Modified: php/php-src/trunk/ext/openssl/openssl.c
===
--- php/php-src/trunk/ext/openssl/openssl.c 2012-02-22 23:42:18 UTC (rev
323439)
+++ php/php-src/trunk/ext/openssl/openssl.c 2012-02-23 01:26:46 UTC (rev
323440)
@@ -4799,6 +4799,10 @@
if (!(options OPENSSL_RAW_DATA)) {
base64_str = (char*)php_base64_decode((unsigned char*)data,
data_len, base64_str_len);
+ if (!base64_str) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, Failed
to base64 decode the input);
+ RETURN_FALSE;
+ }
data_len = base64_str_len;
data = base64_str;
}
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Pierre
@pierrejoye | http://blog.thepimp.net | http://www.libgd.org
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php